Cybercriminals Earn Over $3 Billion Annually Exploiting Social Platforms

Feb 28, 2019

Bromium, Inc., a pioneer in application isolation and containment that stops advanced malware attacks, announced the findings of an independent academic study into cybercriminals’ increasingly aggressive exploitation of social media platforms. The report details the range of techniques used by cybercriminals to exploit trust and enable rapid infection across social media. It also details the range of services being offered in plain sight on social networks, including hacking tools and services, botnets for hire, facilitated digital currency scams and more. 

The findings come from ‘Social Media Platforms and the Cybercrime Economy, a six-month academic study sponsored by Bromium and undertaken by Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey. The study is the next chapter of ‘Into the Web of Profit’ and examines the role of social media platforms in the cybercrime economy. Key insights include:


  • Social media-enabled cybercrimes are generating at least $3.25 billion in global revenue annually
  • One in five organizations have been infected with malware distributed via social media
  • Reports of cybercrime involving social media grew by more than 300-fold between 2015 and 2017 in the US, and social media-enabled crime quadrupled between 2013 and 2018 in the UK
  • Over 1.3 billion social media users have had their data compromised within the last five years and between 45-50% of the illicit trading of data from 2017 to 2018 could be associated with breaches of social media platforms
  • Four of the top five global websites hosting cryptomining code are social media platforms
  • The number of enterprises infected by cryptomining malware doubled from 2017 to 2018
  • Social media platforms contain up to 20% more methods by which malware can be delivered to users – e.g. through adverts, shares, plug-ins – than comparable sources, such as ecommerce, digital media or corporate websites
  • Social media has fueled a 36% increase in the recruitment of ‘millennial money mules’ since 2016 and has increased fraud revenues by 60% since 2017


Cryptomining and Digital Currency Scams

Since 2017 there has been a 400% to 600% increase in the amount of cryptomining malware being detected globally, the vast majority of which has been found on social media platforms. Of the top 20 global websites that host cryptomining software, 11 are social media platforms like Twitter and Facebook. Apps, adverts, and links have been the primary delivery mechanism for cryptomining software on social platforms, with the majority of malware detected by this research mining Monero (80%) and Bitcoin (10%), earning $250 million per year for cybercriminals.


Social Media in the Middle of a Chain Exploitation and Malicious Malware Attacks

The report found crimeware tools and services widely available on social media platforms. Up to 40 percent of inspected social media sites had a form of hacking service offering hackers for hire, hacking tutorials and tools to help hack websites. Social media platforms also enable an underground economy for the trading of stolen data, such as credit card details, earning cybercriminals $630 million per year.

Social media platforms have become a major source of malware distribution. The research found that up to 40% of malware infections on social media come from malvertising, and at least 30% come from plug-ins and apps, many of which lure users in by offering additional functionality or deals. Once the user clicks, the malware executes – allowing hackers to steal data, install keyloggers, deliver ransomware, persist and hide for future attacks and so on. The spread of malware is facilitated by large user bases and the fact that many social media sites share user profiles across platforms, enabling “chain exploitation”, whereby malware can spread across multiple social media sites from one account.

Related Articles

Atypon has announced its acquisition of two authoring platforms - Authorea and Manuscripts - enabling the company to provide free HTML-first authoring and collaboration tools for researchers.